CVE-2011-3339
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger write access to a configuration file.
Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el "Admin Control Center" de Sentinel HASP Run-time Environment 5.95 y versiones anteriores de SafeNet Sentinel HASP (anteriormente Aladdin HASP SRM) run-time installer en versiones anteriores a 6.x y SDK anteriores a 5.11, tal como se utiliza en 7 Technologies (7T) IGSS 7 y otros productos, si Firefox 2.0 es utilizado, permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través de vectores desconocidos que provocan el acceso de escritura al archivo de configuración.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-08-29 CVE Reserved
- 2011-12-17 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/51028 | Vdb Entry | |
http://www.us-cert.gov/control_systems/pdf/ICSA-11-314-01.pdf | Third Party Advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/71789 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.safenet-inc.com/support-downloads/sentinel-drivers/CVE-2011-3339 | 2017-08-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
7t Search vendor "7t" | Igss Search vendor "7t" for product "Igss" | 7 Search vendor "7t" for product "Igss" and version "7" | - |
Affected
| in | Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 2.0 Search vendor "Mozilla" for product "Firefox" and version "2.0" | - |
Safe
|
Safenet-inc Search vendor "Safenet-inc" | Sentinel Hasp Run-time Search vendor "Safenet-inc" for product "Sentinel Hasp Run-time" | <= 5.95 Search vendor "Safenet-inc" for product "Sentinel Hasp Run-time" and version " <= 5.95" | - |
Affected
| in | Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 2.0 Search vendor "Mozilla" for product "Firefox" and version "2.0" | - |
Safe
|
Safenet-inc Search vendor "Safenet-inc" | Sentinel Hasp Sdk Search vendor "Safenet-inc" for product "Sentinel Hasp Sdk" | <= 5.10 Search vendor "Safenet-inc" for product "Sentinel Hasp Sdk" and version " <= 5.10" | - |
Affected
| in | Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 2.0 Search vendor "Mozilla" for product "Firefox" and version "2.0" | - |
Safe
|